From: Luca Boccassi Date: Thu, 22 Dec 2022 11:10:32 +0000 (+0100) Subject: Merge pull request #25791 from keszybz/ukify-check-inputs X-Git-Tag: v253-rc1~226 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=27ce258c54a6ea1b999375e5c7e09b5970607dac;hp=095ff238d064f7dfbf75c9cd13834ed892fe5fd9;p=thirdparty%2Fsystemd.git Merge pull request #25791 from keszybz/ukify-check-inputs ukify: check inputs --- diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index d25f5ea68b9..3a3dbb70e88 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -18,7 +18,7 @@ body: If a distro build is used, please just paste the package version, e.g. `systemd-250.7-1.fc36.x86_64`. See https://github.com/systemd/systemd-stable/tags for the list of most recent releases. For older version please use distribution trackers (see https://systemd.io/CONTRIBUTING#filing-issues). - placeholder: '251' + placeholder: '252' validations: required: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index 1f24851b104..b281a7fbf03 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -119,6 +119,6 @@ body: attributes: label: The systemd version you checked that didn't have the feature you are asking for description: If this is not the most recently released upstream version, then please check first if it has that feature already. - placeholder: '251' + placeholder: '252' validations: required: false diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md index b4fa682cae8..fb353004190 100644 --- a/docs/ENVIRONMENT.md +++ b/docs/ENVIRONMENT.md @@ -415,6 +415,10 @@ disk images with `--image=` or similar: * `$SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=sec` — takes a timespan, which controls the timeout waiting for the image to be configured. Defaults to 100 msec. +* `$SYSTEMD_DISSECT_FILE_SYSTEMS=` — takes a colon-separated list of file + systems that may be mounted for automatically dissected disk images. If not + specified defaults to something like: `ext4:btrfs:xfs:vfat:erofs:squashfs` + * `$SYSTEMD_LOOP_DIRECT_IO` – takes a boolean, which controls whether to enable LO_FLAGS_DIRECT_IO (i.e. direct IO + asynchronous IO) on loopback block devices when opening them. Defaults to on, set this to "0" to disable this diff --git a/hwdb.d/60-keyboard.hwdb b/hwdb.d/60-keyboard.hwdb index c14ebbe6a21..a31beda2683 100644 --- a/hwdb.d/60-keyboard.hwdb +++ b/hwdb.d/60-keyboard.hwdb @@ -1385,6 +1385,7 @@ evdev:input:b0003v1532p0200* evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMICRO-STAR*:pn*:* evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*:* + KEYBOARD_KEY_91=config # MSIControl Center KEYBOARD_KEY_a0=mute # Fn+F9 KEYBOARD_KEY_ae=volumedown # Fn+F7 KEYBOARD_KEY_b0=volumeup # Fn+F8 @@ -1395,6 +1396,8 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*:* KEYBOARD_KEY_e4=f21 # Fn+F3 Touchpad disable KEYBOARD_KEY_ec=email # envelope button KEYBOARD_KEY_ee=camera # Fn+F6 camera disable + KEYBOARD_KEY_f1=f20 # Microphone mute + KEYBOARD_KEY_f2=rotate_display # Rotate screen KEYBOARD_KEY_f6=wlan # satellite dish1 KEYBOARD_KEY_f7=brightnessdown # Fn+F4 KEYBOARD_KEY_f8=brightnessup # Fn+F5 @@ -1436,10 +1439,6 @@ evdev:name:MSI Laptop hotkeys:dmi:bvn*:bvr*:bd*:svn*:pnM[iI][cC][rR][oO]-S[tT][a KEYBOARD_KEY_0213=f22 KEYBOARD_KEY_0214=f23 -# MSI Bravo 15-B5DX FnKeys -evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*Bravo15B5D*:* - KEYBOARD_KEY_f1=f20 # Fn+F5 Micmute - ########################################## # NEC ########################################## diff --git a/hwdb.d/60-sensor.hwdb b/hwdb.d/60-sensor.hwdb index 39abf4db19f..6c26b730601 100644 --- a/hwdb.d/60-sensor.hwdb +++ b/hwdb.d/60-sensor.hwdb @@ -45,8 +45,8 @@ # subsystem[1]. The default, when unset, is equivalent to: # ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, 1 # eg. the identity matrix, -# and is an integer value above which an object is considered -# close by a proximity sensor: +# and is an integer value above or equal to which an object is +# considered close by a proximity sensor: # PROXIMITY_NEAR_LEVEL=100 # # [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfc57732ad38f93ae6232a3b4e64fd077383a0f1 diff --git a/man/kernel-command-line.xml b/man/kernel-command-line.xml index fcab0a90f40..545dc40798a 100644 --- a/man/kernel-command-line.xml +++ b/man/kernel-command-line.xml @@ -336,11 +336,16 @@ rw - Configures the root file system and its file system - type and mount options, as well as whether it shall be - mounted read-only or read-write initially. For details, - see + Configures the root file system and its file system type and mount options, as well as + whether it shall be mounted read-only or read-write initially. For details, see systemd-fstab-generator8. + + If root= is not set (or set to gpt-auto) the automatic + root partition discovery implemented by + systemd-gpt-auto-generator8 + will be in effect. In this case rootfstype=, rootflags=, + ro, rw will be interpreted by + systemd-gpt-auto-generator. diff --git a/man/systemctl.xml b/man/systemctl.xml index 193f6b98004..a4023349d5f 100644 --- a/man/systemctl.xml +++ b/man/systemctl.xml @@ -1061,6 +1061,9 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err temporary files which will be written to the real location if the editor exits successfully. + If is specified, the given drop-in file name + will be used instead of the default override.conf. + If is specified, this will copy the original units instead of creating drop-in files. @@ -2417,6 +2420,15 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err When used with bind, creates a read-only bind mount. + + + + + When used with edit, use the given drop-in file name instead of + override.conf. + + + diff --git a/man/systemd-gpt-auto-generator.xml b/man/systemd-gpt-auto-generator.xml index 3b166b87f90..4ccc80994d0 100644 --- a/man/systemd-gpt-auto-generator.xml +++ b/man/systemd-gpt-auto-generator.xml @@ -244,10 +244,16 @@ root= + rootfstype= + rootflags= - When used with the special value gpt-auto, automatic discovery of - the root partition based on the GPT partition type is enabled. Any other value disables this - generator. + When root= is used with the special value + gpt-auto (or if the parameter is not used at all), automatic discovery of the root + partition based on the GPT partition type is enabled. Any other value disables this + logic. + + The rootfstype= and rootflags= are used to select the + file system type and options when the root file system is automatically discovered. diff --git a/man/systemd.syntax.xml b/man/systemd.syntax.xml index 1441b2bb52b..2fc22885ca6 100644 --- a/man/systemd.syntax.xml +++ b/man/systemd.syntax.xml @@ -42,8 +42,7 @@ systemd.path5, systemd.timer5, systemd.slice5, - systemd.scope5, - systemd.nspawn5 + systemd.scope5 link files, see @@ -65,6 +64,10 @@ systemd-sleep.conf5, timesyncd.conf5 + + nspawn files, see + systemd.nspawn5 + diff --git a/rules.d/60-evdev.rules b/rules.d/60-evdev.rules index 15483101e75..c97cdecb58d 100644 --- a/rules.d/60-evdev.rules +++ b/rules.d/60-evdev.rules @@ -6,7 +6,7 @@ KERNEL!="event*", GOTO="evdev_end" # Execute the match patterns below, from least-to-most specific. # Device matching the modalias string (bustype, vendor, product, version, other properties) -IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", +IMPORT{builtin}="hwdb --subsystem=input --lookup-prefix=evdev:", \ ENV{.HAVE_HWDB_PROPERTIES}="1" # AT keyboard matching by the machine's DMI data diff --git a/src/basic/async.c b/src/basic/async.c index 241803f33a6..73de889a2b0 100644 --- a/src/basic/async.c +++ b/src/basic/async.c @@ -103,5 +103,5 @@ int asynchronous_close(int fd) { assert_se(close_nointr(fd) != -EBADF); } - return -1; + return -EBADF; } diff --git a/src/basic/chase-symlinks.c b/src/basic/chase-symlinks.c index a9de17b4763..a0134fd330b 100644 --- a/src/basic/chase-symlinks.c +++ b/src/basic/chase-symlinks.c @@ -206,7 +206,7 @@ int chase_symlinks_at( for (todo = buffer;;) { _cleanup_free_ char *first = NULL; - _cleanup_close_ int child = -1; + _cleanup_close_ int child = -EBADF; struct stat st; const char *e; diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c index 8879b998ca4..4d6d01cd992 100644 --- a/src/basic/fd-util.c +++ b/src/basic/fd-util.c @@ -246,7 +246,7 @@ static int close_all_fds_frugal(const int except[], size_t n_except) { "Refusing to loop over %d potential fds.", max_fd); - for (int fd = 3; fd >= 0; fd = fd < max_fd ? fd + 1 : -1) { + for (int fd = 3; fd >= 0; fd = fd < max_fd ? fd + 1 : -EBADF) { int q; if (fd_in_set(fd, except, n_except)) diff --git a/src/basic/fd-util.h b/src/basic/fd-util.h index 530270a73fe..97339254baa 100644 --- a/src/basic/fd-util.h +++ b/src/basic/fd-util.h @@ -15,14 +15,15 @@ /* Make sure we can distinguish fd 0 and NULL */ #define FD_TO_PTR(fd) INT_TO_PTR((fd)+1) #define PTR_TO_FD(p) (PTR_TO_INT(p)-1) +#define PIPE_EBADF { -EBADF, -EBADF } int close_nointr(int fd); int safe_close(int fd); void safe_close_pair(int p[static 2]); static inline int safe_close_above_stdio(int fd) { - if (fd < 3) /* Don't close stdin/stdout/stderr, but still invalidate the fd by returning -1 */ - return -1; + if (fd < 3) /* Don't close stdin/stdout/stderr, but still invalidate the fd by returning -EBADF. */ + return -EBADF; return safe_close(fd); } @@ -86,7 +87,7 @@ int fd_move_above_stdio(int fd); int rearrange_stdio(int original_input_fd, int original_output_fd, int original_error_fd); static inline int make_null_stdio(void) { - return rearrange_stdio(-1, -1, -1); + return rearrange_stdio(-EBADF, -EBADF, -EBADF); } /* Like TAKE_PTR() but for file descriptors, resetting them to -1 */ diff --git a/src/basic/fileio.c b/src/basic/fileio.c index a9015979620..0937e58a152 100644 --- a/src/basic/fileio.c +++ b/src/basic/fileio.c @@ -767,7 +767,7 @@ int read_full_file_full( r = xfopenat(dir_fd, filename, "re", 0, &f); if (r < 0) { - _cleanup_close_ int sk = -1; + _cleanup_close_ int sk = -EBADF; /* ENXIO is what Linux returns if we open a node that is an AF_UNIX socket */ if (r != -ENXIO) diff --git a/src/basic/io-util.h b/src/basic/io-util.h index 39728e06bcf..3afb134266a 100644 --- a/src/basic/io-util.h +++ b/src/basic/io-util.h @@ -91,7 +91,16 @@ struct iovec_wrapper *iovw_new(void); struct iovec_wrapper *iovw_free(struct iovec_wrapper *iovw); struct iovec_wrapper *iovw_free_free(struct iovec_wrapper *iovw); void iovw_free_contents(struct iovec_wrapper *iovw, bool free_vectors); + int iovw_put(struct iovec_wrapper *iovw, void *data, size_t len); +static inline int iovw_consume(struct iovec_wrapper *iovw, void *data, size_t len) { + /* Move data into iovw or free on error */ + int r = iovw_put(iovw, data, len); + if (r < 0) + free(data); + return r; +} + int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const char *value); int iovw_put_string_field_free(struct iovec_wrapper *iovw, const char *field, char *value); void iovw_rebase(struct iovec_wrapper *iovw, char *old, char *new); diff --git a/src/basic/macro.h b/src/basic/macro.h index 3d1b1751231..a00d60824dd 100644 --- a/src/basic/macro.h +++ b/src/basic/macro.h @@ -64,10 +64,14 @@ _Pragma("GCC diagnostic push") #endif -#define DISABLE_WARNING_TYPE_LIMITS \ +#define DISABLE_WARNING_TYPE_LIMITS \ _Pragma("GCC diagnostic push"); \ _Pragma("GCC diagnostic ignored \"-Wtype-limits\"") +#define DISABLE_WARNING_ADDRESS \ + _Pragma("GCC diagnostic push"); \ + _Pragma("GCC diagnostic ignored \"-Waddress\"") + #define REENABLE_WARNING \ _Pragma("GCC diagnostic pop") @@ -318,10 +322,14 @@ static inline int __coverity_check_and_return__(int condition) { *p = func(*p); \ } -/* When func() doesn't return the appropriate type, set variable to empty afterwards */ +/* When func() doesn't return the appropriate type, set variable to empty afterwards. + * The func() may be provided by a dynamically loaded shared library, hence add an assertion. */ #define DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(type, func, empty) \ static inline void func##p(type *p) { \ if (*p != (empty)) { \ + DISABLE_WARNING_ADDRESS; \ + assert(func); \ + REENABLE_WARNING; \ func(*p); \ *p = (empty); \ } \ diff --git a/src/basic/string-util.h b/src/basic/string-util.h index 46681ced997..a78b7960e36 100644 --- a/src/basic/string-util.h +++ b/src/basic/string-util.h @@ -53,9 +53,13 @@ static inline const char* enable_disable(bool b) { return b ? "enable" : "disable"; } -static inline const char *empty_to_null(const char *p) { - return isempty(p) ? NULL : p; -} +/* This macro's return pointer will have the "const" qualifier set or unset the same way as the input + * pointer. */ +#define empty_to_null(p) \ + ({ \ + const char *_p = (p); \ + (typeof(p)) (isempty(_p) ? NULL : _p); \ + }) static inline const char *empty_to_na(const char *p) { return isempty(p) ? "n/a" : p; @@ -74,6 +78,11 @@ static inline bool empty_or_dash(const char *str) { static inline const char *empty_or_dash_to_null(const char *p) { return empty_or_dash(p) ? NULL : p; } +#define empty_or_dash_to_null(p) \ + ({ \ + const char *_p = (p); \ + (typeof(p)) (empty_or_dash(_p) ? NULL : _p); \ + }) char *first_word(const char *s, const char *word) _pure_; diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c index 6afcf066cd1..5cf2055dc6e 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c @@ -1130,7 +1130,7 @@ static int ptsname_namespace(int pty, char **ret) { int openpt_allocate_in_namespace(pid_t pid, int flags, char **ret_slave) { _cleanup_close_ int pidnsfd = -EBADF, mntnsfd = -EBADF, usernsfd = -EBADF, rootfd = -EBADF, fd = -EBADF; - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; pid_t child; int r; @@ -1183,7 +1183,7 @@ int openpt_allocate_in_namespace(pid_t pid, int flags, char **ret_slave) { int open_terminal_in_namespace(pid_t pid, const char *name, int mode) { _cleanup_close_ int pidnsfd = -EBADF, mntnsfd = -EBADF, usernsfd = -EBADF, rootfd = -EBADF; - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; pid_t child; int r; diff --git a/src/cgroups-agent/cgroups-agent.c b/src/cgroups-agent/cgroups-agent.c index d6480097b5e..16c5a2a6934 100644 --- a/src/cgroups-agent/cgroups-agent.c +++ b/src/cgroups-agent/cgroups-agent.c @@ -18,7 +18,7 @@ int main(int argc, char *argv[]) { size_t l; int r; - r = rearrange_stdio(-1, -1, -1); + r = make_null_stdio(); if (r < 0) { log_error_errno(r, "Failed to connect stdin/stdout/stderr with /dev/null: %m"); return EXIT_FAILURE; diff --git a/src/core/automount.c b/src/core/automount.c index 361034d7f4f..4cffca419cc 100644 --- a/src/core/automount.c +++ b/src/core/automount.c @@ -573,7 +573,7 @@ static void automount_trigger_notify(Unit *u, Unit *other) { static void automount_enter_waiting(Automount *a) { _cleanup_close_ int ioctl_fd = -EBADF; - int pipe_fd[2] = { -EBADF, -EBADF }; + int pipe_fd[2] = PIPE_EBADF; char name[STRLEN("systemd-") + DECIMAL_STR_MAX(pid_t) + 1]; _cleanup_free_ char *options = NULL; bool mounted = false; diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c index 763f5d4c846..c756c1c5248 100644 --- a/src/core/dynamic-user.c +++ b/src/core/dynamic-user.c @@ -74,7 +74,7 @@ static int dynamic_user_add(Manager *m, const char *name, int storage_socket[sta } static int dynamic_user_acquire(Manager *m, const char *name, DynamicUser** ret) { - _cleanup_close_pair_ int storage_socket[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int storage_socket[2] = PIPE_EBADF; DynamicUser *d; int r; @@ -127,7 +127,7 @@ static int dynamic_user_acquire(Manager *m, const char *name, DynamicUser** ret) if (r < 0) return r; - storage_socket[0] = storage_socket[1] = -1; + storage_socket[0] = storage_socket[1] = -EBADF; if (ret) { d->n_ref++; @@ -382,7 +382,7 @@ static int dynamic_user_realize( uid_t *ret_uid, gid_t *ret_gid, bool is_user) { - _cleanup_(unlockfp) int storage_socket0_lock = -1; + _cleanup_(unlockfp) int storage_socket0_lock = -EBADF; _cleanup_close_ int uid_lock_fd = -EBADF; _cleanup_close_ int etc_passwd_lock_fd = -EBADF; uid_t num = UID_INVALID; /* a uid if is_user, and a gid otherwise */ @@ -524,7 +524,7 @@ static int dynamic_user_realize( } int dynamic_user_current(DynamicUser *d, uid_t *ret) { - _cleanup_(unlockfp) int storage_socket0_lock = -1; + _cleanup_(unlockfp) int storage_socket0_lock = -EBADF; _cleanup_close_ int lock_fd = -EBADF; uid_t uid; int r; @@ -567,7 +567,7 @@ static DynamicUser* dynamic_user_unref(DynamicUser *d) { } static int dynamic_user_close(DynamicUser *d) { - _cleanup_(unlockfp) int storage_socket0_lock = -1; + _cleanup_(unlockfp) int storage_socket0_lock = -EBADF; _cleanup_close_ int lock_fd = -EBADF; uid_t uid; int r; diff --git a/src/core/execute.c b/src/core/execute.c index 5784c8ce5c2..5dc8535a47a 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2099,7 +2099,7 @@ bool exec_needs_mount_namespace( static int setup_private_users(uid_t ouid, gid_t ogid, uid_t uid, gid_t gid) { _cleanup_free_ char *uid_map = NULL, *gid_map = NULL; - _cleanup_close_pair_ int errno_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe[2] = PIPE_EBADF; _cleanup_close_ int unshare_ready_fd = -EBADF; _cleanup_(sigkill_waitp) pid_t pid = 0; uint64_t c = 1; @@ -6609,8 +6609,8 @@ static int exec_runtime_allocate(ExecRuntime **ret, const char *id) { *n = (ExecRuntime) { .id = TAKE_PTR(id_copy), - .netns_storage_socket = { -EBADF, -EBADF }, - .ipcns_storage_socket = { -EBADF, -EBADF }, + .netns_storage_socket = PIPE_EBADF, + .ipcns_storage_socket = PIPE_EBADF, }; *ret = n; @@ -6672,7 +6672,7 @@ static int exec_runtime_make( ExecRuntime **ret) { _cleanup_(namespace_cleanup_tmpdirp) char *tmp_dir = NULL, *var_tmp_dir = NULL; - _cleanup_close_pair_ int netns_storage_socket[2] = { -EBADF, -EBADF }, ipcns_storage_socket[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int netns_storage_socket[2] = PIPE_EBADF, ipcns_storage_socket[2] = PIPE_EBADF; int r; assert(m); diff --git a/src/core/manager.c b/src/core/manager.c index 4e15f5cb8b1..3332d5775b2 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -851,7 +851,7 @@ int manager_new(LookupScope scope, ManagerTestRunFlags test_run_flags, Manager * .notify_fd = -EBADF, .cgroups_agent_fd = -EBADF, .signal_fd = -EBADF, - .user_lookup_fds = { -EBADF, -EBADF }, + .user_lookup_fds = PIPE_EBADF, .private_listen_fd = -EBADF, .dev_autofs_fd = -EBADF, .cgroup_inotify_fd = -EBADF, diff --git a/src/core/namespace.c b/src/core/namespace.c index d7c911a509f..d46daa3c05c 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -2832,7 +2832,7 @@ int setup_tmp_dirs(const char *id, char **tmp_dir, char **var_tmp_dir) { } int setup_shareable_ns(const int ns_storage_socket[static 2], unsigned long nsflag) { - _cleanup_close_ int ns = -1; + _cleanup_close_ int ns = -EBADF; int r, q; const char *ns_name, *ns_path; @@ -2900,7 +2900,7 @@ fail: } int open_shareable_ns_path(const int ns_storage_socket[static 2], const char *path, unsigned long nsflag) { - _cleanup_close_ int ns = -1; + _cleanup_close_ int ns = -EBADF; int q, r; assert(ns_storage_socket); diff --git a/src/core/service.c b/src/core/service.c index c967dc98979..b1fe19127f6 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -1402,7 +1402,7 @@ static int service_allocate_exec_fd( sd_event_source **ret_event_source, int *ret_exec_fd) { - _cleanup_close_pair_ int p[] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int p[] = PIPE_EBADF; int r; assert(s); diff --git a/src/core/socket.c b/src/core/socket.c index 518f2770539..409d415d8d9 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -1502,7 +1502,7 @@ static int socket_address_listen_in_cgroup( const SocketAddress *address, const char *label) { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; int fd, r; pid_t pid; @@ -2899,7 +2899,7 @@ static int socket_accept_do(Socket *s, int fd) { } static int socket_accept_in_cgroup(Socket *s, SocketPort *p, int fd) { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; int cfd, r; pid_t pid; diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 4ca19370f3e..192dc4c654b 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -4,6 +4,7 @@ #include #include #include +#include #include #include @@ -107,24 +108,27 @@ enum { META_EXE = _META_MANDATORY_MAX, META_UNIT, + META_PROC_AUXV, _META_MAX }; static const char * const meta_field_names[_META_MAX] = { - [META_ARGV_PID] = "COREDUMP_PID=", - [META_ARGV_UID] = "COREDUMP_UID=", - [META_ARGV_GID] = "COREDUMP_GID=", - [META_ARGV_SIGNAL] = "COREDUMP_SIGNAL=", - [META_ARGV_TIMESTAMP] = "COREDUMP_TIMESTAMP=", - [META_ARGV_RLIMIT] = "COREDUMP_RLIMIT=", - [META_ARGV_HOSTNAME] = "COREDUMP_HOSTNAME=", - [META_COMM] = "COREDUMP_COMM=", - [META_EXE] = "COREDUMP_EXE=", - [META_UNIT] = "COREDUMP_UNIT=", + [META_ARGV_PID] = "COREDUMP_PID=", + [META_ARGV_UID] = "COREDUMP_UID=", + [META_ARGV_GID] = "COREDUMP_GID=", + [META_ARGV_SIGNAL] = "COREDUMP_SIGNAL=", + [META_ARGV_TIMESTAMP] = "COREDUMP_TIMESTAMP=", + [META_ARGV_RLIMIT] = "COREDUMP_RLIMIT=", + [META_ARGV_HOSTNAME] = "COREDUMP_HOSTNAME=", + [META_COMM] = "COREDUMP_COMM=", + [META_EXE] = "COREDUMP_EXE=", + [META_UNIT] = "COREDUMP_UNIT=", + [META_PROC_AUXV] = "COREDUMP_PROC_AUXV=", }; typedef struct Context { const char *meta[_META_MAX]; + size_t meta_size[_META_MAX]; pid_t pid; bool is_pid1; bool is_journald; @@ -139,9 +143,9 @@ typedef enum CoredumpStorage { } CoredumpStorage; static const char* const coredump_storage_table[_COREDUMP_STORAGE_MAX] = { - [COREDUMP_STORAGE_NONE] = "none", + [COREDUMP_STORAGE_NONE] = "none", [COREDUMP_STORAGE_EXTERNAL] = "external", - [COREDUMP_STORAGE_JOURNAL] = "journal", + [COREDUMP_STORAGE_JOURNAL] = "journal", }; DEFINE_PRIVATE_STRING_TABLE_LOOKUP(coredump_storage, CoredumpStorage); @@ -157,13 +161,13 @@ static uint64_t arg_max_use = UINT64_MAX; static int parse_config(void) { static const ConfigTableItem items[] = { - { "Coredump", "Storage", config_parse_coredump_storage, 0, &arg_storage }, - { "Coredump", "Compress", config_parse_bool, 0, &arg_compress }, - { "Coredump", "ProcessSizeMax", config_parse_iec_uint64, 0, &arg_process_size_max }, - { "Coredump", "ExternalSizeMax", config_parse_iec_uint64_infinity, 0, &arg_external_size_max }, - { "Coredump", "JournalSizeMax", config_parse_iec_size, 0, &arg_journal_size_max }, - { "Coredump", "KeepFree", config_parse_iec_uint64, 0, &arg_keep_free }, - { "Coredump", "MaxUse", config_parse_iec_uint64, 0, &arg_max_use }, + { "Coredump", "Storage", config_parse_coredump_storage, 0, &arg_storage }, + { "Coredump", "Compress", config_parse_bool, 0, &arg_compress }, + { "Coredump", "ProcessSizeMax", config_parse_iec_uint64, 0, &arg_process_size_max }, + { "Coredump", "ExternalSizeMax", config_parse_iec_uint64_infinity, 0, &arg_external_size_max }, + { "Coredump", "JournalSizeMax", config_parse_iec_size, 0, &arg_journal_size_max }, + { "Coredump", "KeepFree", config_parse_iec_uint64, 0, &arg_keep_free }, + { "Coredump", "MaxUse", config_parse_iec_uint64, 0, &arg_max_use }, {} }; @@ -186,13 +190,16 @@ static uint64_t storage_size_max(void) { return 0; } -static int fix_acl(int fd, uid_t uid) { +static int fix_acl(int fd, uid_t uid, bool allow_user) { + assert(fd >= 0); + assert(uid_is_valid(uid)); #if HAVE_ACL int r; - assert(fd >= 0); - assert(uid_is_valid(uid)); + /* We don't allow users to read coredumps if the uid or capabilities were changed. */ + if (!allow_user) + return 0; if (uid_is_system(uid) || uid_is_dynamic(uid) || uid == UID_NOBODY) return 0; @@ -209,15 +216,15 @@ static int fix_acl(int fd, uid_t uid) { static int fix_xattr(int fd, const Context *context) { static const char * const xattrs[_META_MAX] = { - [META_ARGV_PID] = "user.coredump.pid", - [META_ARGV_UID] = "user.coredump.uid", - [META_ARGV_GID] = "user.coredump.gid", - [META_ARGV_SIGNAL] = "user.coredump.signal", - [META_ARGV_TIMESTAMP] = "user.coredump.timestamp", - [META_ARGV_RLIMIT] = "user.coredump.rlimit", - [META_ARGV_HOSTNAME] = "user.coredump.hostname", - [META_COMM] = "user.coredump.comm", - [META_EXE] = "user.coredump.exe", + [META_ARGV_PID] = "user.coredump.pid", + [META_ARGV_UID] = "user.coredump.uid", + [META_ARGV_GID] = "user.coredump.gid", + [META_ARGV_SIGNAL] = "user.coredump.signal", + [META_ARGV_TIMESTAMP] = "user.coredump.timestamp", + [META_ARGV_RLIMIT] = "user.coredump.rlimit", + [META_ARGV_HOSTNAME] = "user.coredump.hostname", + [META_COMM] = "user.coredump.comm", + [META_EXE] = "user.coredump.exe", }; int r = 0; @@ -252,7 +259,8 @@ static int fix_permissions( const char *filename, const char *target, const Context *context, - uid_t uid) { + uid_t uid, + bool allow_user) { int r; @@ -262,7 +270,7 @@ static int fix_permissions( /* Ignore errors on these */ (void) fchmod(fd, 0640); - (void) fix_acl(fd, uid); + (void) fix_acl(fd, uid, allow_user); (void) fix_xattr(fd, context); r = fsync_full(fd); @@ -332,6 +340,153 @@ static int make_filename(const Context *context, char **ret) { return 0; } +static int parse_auxv64( + const uint64_t *auxv, + size_t size_bytes, + int *at_secure, + uid_t *uid, + uid_t *euid, + gid_t *gid, + gid_t *egid) { + + assert(auxv || size_bytes == 0); + + if (size_bytes % (2 * sizeof(uint64_t)) != 0) + return log_warning_errno(SYNTHETIC_ERRNO(EIO), "Incomplete auxv structure (%zu bytes).", size_bytes); + + size_t words = size_bytes / sizeof(uint64_t); + + /* Note that we set output variables even on error. */ + + for (size_t i = 0; i + 1 < words; i += 2) + switch (auxv[i]) { + case AT_SECURE: + *at_secure = auxv[i + 1] != 0; + break; + case AT_UID: + *uid = auxv[i + 1]; + break; + case AT_EUID: + *euid = auxv[i + 1]; + break; + case AT_GID: + *gid = auxv[i + 1]; + break; + case AT_EGID: + *egid = auxv[i + 1]; + break; + case AT_NULL: + if (auxv[i + 1] != 0) + goto error; + return 0; + } + error: + return log_warning_errno(SYNTHETIC_ERRNO(ENODATA), + "AT_NULL terminator not found, cannot parse auxv structure."); +} + +static int parse_auxv32( + const uint32_t *auxv, + size_t size_bytes, + int *at_secure, + uid_t *uid, + uid_t *euid, + gid_t *gid, + gid_t *egid) { + + assert(auxv || size_bytes == 0); + + size_t words = size_bytes / sizeof(uint32_t); + + if (size_bytes % (2 * sizeof(uint32_t)) != 0) + return log_warning_errno(SYNTHETIC_ERRNO(EIO), "Incomplete auxv structure (%zu bytes).", size_bytes); + + /* Note that we set output variables even on error. */ + + for (size_t i = 0; i + 1 < words; i += 2) + switch (auxv[i]) { + case AT_SECURE: + *at_secure = auxv[i + 1] != 0; + break; + case AT_UID: + *uid = auxv[i + 1]; + break; + case AT_EUID: + *euid = auxv[i + 1]; + break; + case AT_GID: + *gid = auxv[i + 1]; + break; + case AT_EGID: + *egid = auxv[i + 1]; + break; + case AT_NULL: + if (auxv[i + 1] != 0) + goto error; + return 0; + } + error: + return log_warning_errno(SYNTHETIC_ERRNO(ENODATA), + "AT_NULL terminator not found, cannot parse auxv structure."); +} + +static int grant_user_access(int core_fd, const Context *context) { + int at_secure = -1; + uid_t uid = UID_INVALID, euid = UID_INVALID; + uid_t gid = GID_INVALID, egid = GID_INVALID; + int r; + + assert(core_fd >= 0); + assert(context); + + if (!context->meta[META_PROC_AUXV]) + return log_warning_errno(SYNTHETIC_ERRNO(ENODATA), "No auxv data, not adjusting permissions."); + + uint8_t elf[EI_NIDENT]; + errno = 0; + if (pread(core_fd, &elf, sizeof(elf), 0) != sizeof(elf)) + return log_warning_errno(errno_or_else(EIO), + "Failed to pread from coredump fd: %s", STRERROR_OR_EOF(errno)); + + if (elf[EI_MAG0] != ELFMAG0 || + elf[EI_MAG1] != ELFMAG1 || + elf[EI_MAG2] != ELFMAG2 || + elf[EI_MAG3] != ELFMAG3 || + elf[EI_VERSION] != EV_CURRENT) + return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN), + "Core file does not have ELF header, not adjusting permissions."); + if (!IN_SET(elf[EI_CLASS], ELFCLASS32, ELFCLASS64) || + !IN_SET(elf[EI_DATA], ELFDATA2LSB, ELFDATA2MSB)) + return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN), + "Core file has strange ELF class, not adjusting permissions."); + + if ((elf[EI_DATA] == ELFDATA2LSB) != (__BYTE_ORDER == __LITTLE_ENDIAN)) + return log_info_errno(SYNTHETIC_ERRNO(EUCLEAN), + "Core file has non-native endianness, not adjusting permissions."); + + if (elf[EI_CLASS] == ELFCLASS64) + r = parse_auxv64((const uint64_t*) context->meta[META_PROC_AUXV], + context->meta_size[META_PROC_AUXV], + &at_secure, &uid, &euid, &gid, &egid); + else + r = parse_auxv32((const uint32_t*) context->meta[META_PROC_AUXV], + context->meta_size[META_PROC_AUXV], + &at_secure, &uid, &euid, &gid, &egid); + if (r < 0) + return r; + + /* We allow access if we got all the data and at_secure is not set and + * the uid/gid matches euid/egid. */ + bool ret = + at_secure == 0 && + uid != UID_INVALID && euid != UID_INVALID && uid == euid && + gid != GID_INVALID && egid != GID_INVALID && gid == egid; + log_debug("Will %s access (uid="UID_FMT " euid="UID_FMT " gid="GID_FMT " egid="GID_FMT " at_secure=%s)", + ret ? "permit" : "restrict", + uid, euid, gid, egid, yes_no(at_secure)); + return ret; +} + static int save_external_coredump( const Context *context, int input_fd, @@ -454,6 +609,8 @@ static int save_external_coredump( context->meta[META_ARGV_PID], context->meta[META_COMM]); truncated = r == 1; + bool allow_user = grant_user_access(fd, context) > 0; + #if HAVE_COMPRESSION if (arg_compress) { _cleanup_(unlink_and_freep) char *tmp_compressed = NULL; @@ -491,7 +648,7 @@ static int save_external_coredump( uncompressed_size += partial_uncompressed_size; } - r = fix_permissions(fd_compressed, tmp_compressed, fn_compressed, context, uid); + r = fix_permissions(fd_compressed, tmp_compressed, fn_compressed, context, uid, allow_user); if (r < 0) return r; @@ -518,7 +675,7 @@ static int save_external_coredump( "SIZE_LIMIT=%"PRIu64, max_size, "MESSAGE_ID=" SD_MESSAGE_TRUNCATED_CORE_STR); - r = fix_permissions(fd, tmp, fn, context, uid); + r = fix_permissions(fd, tmp, fn, context, uid, allow_user); if (r < 0) return log_error_errno(r, "Failed to fix permissions and finalize coredump %s into %s: %m", coredump_tmpfile_name(tmp), fn); @@ -766,7 +923,7 @@ static int change_uid_gid(const Context *context) { } static int submit_coredump( - Context *context, + const Context *context, struct iovec_wrapper *iovw, int input_fd) { @@ -945,16 +1102,15 @@ static int save_context(Context *context, const struct iovec_wrapper *iovw) { struct iovec *iovec = iovw->iovec + n; for (size_t i = 0; i < ELEMENTSOF(meta_field_names); i++) { - char *p; - /* Note that these strings are NUL terminated, because we made sure that a * trailing NUL byte is in the buffer, though not included in the iov_len * count (see process_socket() and gather_pid_metadata_*()) */ assert(((char*) iovec->iov_base)[iovec->iov_len] == 0); - p = startswith(iovec->iov_base, meta_field_names[i]); + const char *p = startswith(iovec->iov_base, meta_field_names[i]); if (p) { context->meta[i] = p; + context->meta_size[i] = iovec->iov_len - strlen(meta_field_names[i]); break; } } @@ -1191,6 +1347,7 @@ static int gather_pid_metadata(struct iovec_wrapper *iovw, Context *context) { uid_t owner_uid; pid_t pid; char *t; + size_t size; const char *p; int r; @@ -1255,13 +1412,26 @@ static int gather_pid_metadata(struct iovec_wrapper *iovw, Context *context) { (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_LIMITS=", t); p = procfs_file_alloca(pid, "cgroup"); - if (read_full_virtual_file(p, &t, NULL) >=0) + if (read_full_virtual_file(p, &t, NULL) >= 0) (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_CGROUP=", t); p = procfs_file_alloca(pid, "mountinfo"); - if (read_full_virtual_file(p, &t, NULL) >=0) + if (read_full_virtual_file(p, &t, NULL) >= 0) (void) iovw_put_string_field_free(iovw, "COREDUMP_PROC_MOUNTINFO=", t); + /* We attach /proc/auxv here. ELF coredumps also contain a note for this (NT_AUXV), see elf(5). */ + p = procfs_file_alloca(pid, "auxv"); + if (read_full_virtual_file(p, &t, &size) >= 0) { + char *buf = malloc(strlen("COREDUMP_PROC_AUXV=") + size + 1); + if (buf) { + /* Add a dummy terminator to make save_context() happy. */ + *((uint8_t*) mempcpy(stpcpy(buf, "COREDUMP_PROC_AUXV="), t, size)) = '\0'; + (void) iovw_consume(iovw, buf, size + strlen("COREDUMP_PROC_AUXV=")); + } + + free(t); + } + if (get_process_cwd(pid, &t) >= 0) (void) iovw_put_string_field_free(iovw, "COREDUMP_CWD=", t); @@ -1293,7 +1463,7 @@ static int process_kernel(int argc, char* argv[]) { /* When we're invoked by the kernel, stdout/stderr are closed which is dangerous because the fds * could get reallocated. To avoid hard to debug issues, let's instead bind stdout/stderr to * /dev/null. */ - r = rearrange_stdio(STDIN_FILENO, -1, -1); + r = rearrange_stdio(STDIN_FILENO, -EBADF, -EBADF); if (r < 0) return log_error_errno(r, "Failed to connect stdout/stderr to /dev/null: %m"); diff --git a/src/creds/creds.c b/src/creds/creds.c index d987f04ef43..71bf355b383 100644 --- a/src/creds/creds.c +++ b/src/creds/creds.c @@ -563,7 +563,7 @@ static int verb_decrypt(int argc, char **argv, void *userdata) { if (r < 0) return log_error_errno(r, "Failed to read encrypted credential data: %m"); - output_path = (argc < 3 || isempty(argv[2]) || streq(argv[2], "-")) ? NULL : argv[2]; + output_path = (argc < 3 || empty_or_dash(argv[2])) ? NULL : argv[2]; if (arg_name_any) name = NULL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index 7cd9aed5799..651415568d6 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -881,7 +881,7 @@ static int write_root_shadow(const char *shadow_path, const char *hashed_passwor } static int process_root_account(void) { - _cleanup_close_ int lock = -1; + _cleanup_close_ int lock = -EBADF; _cleanup_(erase_and_freep) char *_hashed_password = NULL; const char *password, *hashed_password; const char *etc_passwd, *etc_shadow; diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index 29265d9220e..37fdfa540f1 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -241,7 +241,7 @@ static int fsck_progress_socket(void) { } static int run(int argc, char *argv[]) { - _cleanup_close_pair_ int progress_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int progress_pipe[2] = PIPE_EBADF; _cleanup_(sd_device_unrefp) sd_device *dev = NULL; _cleanup_free_ char *dpath = NULL; _cleanup_fclose_ FILE *console = NULL; diff --git a/src/fuzz/fuzz-varlink.c b/src/fuzz/fuzz-varlink.c index c97586be9ef..cbfde088d90 100644 --- a/src/fuzz/fuzz-varlink.c +++ b/src/fuzz/fuzz-varlink.c @@ -85,7 +85,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct iovec server_iov = IOVEC_MAKE((void*) data, size), client_iov = IOVEC_MAKE((void*) data, size); /* Important: the declaration order matters here! we want that the fds are closed on return after the * event sources, hence we declare the fds first, the event sources second */ - _cleanup_close_pair_ int server_pair[2] = { -EBADF, -EBADF }, client_pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int server_pair[2] = PIPE_EBADF, client_pair[2] = PIPE_EBADF; _cleanup_(sd_event_source_unrefp) sd_event_source *idle_event_source = NULL, *server_event_source = NULL, *client_event_source = NULL; _cleanup_(varlink_server_unrefp) VarlinkServer *s = NULL; diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c index f2f6cc1a53d..1d626f2a5a0 100644 --- a/src/gpt-auto-generator/gpt-auto-generator.c +++ b/src/gpt-auto-generator/gpt-auto-generator.c @@ -40,8 +40,13 @@ static const char *arg_dest = NULL; static bool arg_enabled = true; static bool arg_root_enabled = true; +static char *arg_root_fstype = NULL; +static char *arg_root_options = NULL; static int arg_root_rw = -1; +STATIC_DESTRUCTOR_REGISTER(arg_root_fstype, freep); +STATIC_DESTRUCTOR_REGISTER(arg_root_options, freep); + static int add_cryptsetup( const char *id, const char *what, @@ -165,6 +170,15 @@ static int add_mount( what = crypto_what; fstype = NULL; + } else if (fstype) { + r = dissect_fstype_ok(fstype); + if (r < 0) + return log_error_errno(r, "Unable to determine of dissected file system type '%s' is permitted: %m", fstype); + if (!r) + return log_error_errno( + SYNTHETIC_ERRNO(EIDRM), + "Refusing to automatically mount uncommon file system '%s' to '%s'.", + fstype, where); } r = unit_name_from_path(where, ".mount", &unit); @@ -622,10 +636,10 @@ static int add_root_mount(void) { "root", "/dev/gpt-auto-root", in_initrd() ? "/sysroot" : "/", - NULL, + arg_root_fstype, /* rw= */ arg_root_rw > 0, /* growfs= */ false, - NULL, + arg_root_options, "Root Partition", in_initrd() ? SPECIAL_INITRD_ROOT_FS_TARGET : SPECIAL_LOCAL_FS_TARGET); #else @@ -801,6 +815,21 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat arg_root_enabled = false; + } else if (streq(key, "rootfstype")) { + + if (proc_cmdline_value_missing(key, value)) + return 0; + + return free_and_strdup_warn(&arg_root_fstype, value); + + } else if (streq(key, "rootflags")) { + + if (proc_cmdline_value_missing(key, value)) + return 0; + + if (!strextend_with_separator(&arg_root_options, ",", value)) + return log_oom(); + } else if (proc_cmdline_key_streq(key, "rw") && !value) arg_root_rw = true; else if (proc_cmdline_key_streq(key, "ro") && !value) diff --git a/src/import/import-common.c b/src/import/import-common.c index eb52c6c116c..0e2c7edae1c 100644 --- a/src/import/import-common.c +++ b/src/import/import-common.c @@ -23,7 +23,7 @@ #include "tmpfile-util.h" int import_fork_tar_x(const char *path, pid_t *ret) { - _cleanup_close_pair_ int pipefd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pipefd[2] = PIPE_EBADF; bool use_selinux; pid_t pid; int r; @@ -64,7 +64,7 @@ int import_fork_tar_x(const char *path, pid_t *ret) { pipefd[1] = safe_close(pipefd[1]); - r = rearrange_stdio(TAKE_FD(pipefd[0]), -1, STDERR_FILENO); + r = rearrange_stdio(TAKE_FD(pipefd[0]), -EBADF, STDERR_FILENO); if (r < 0) { log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); @@ -96,7 +96,7 @@ int import_fork_tar_x(const char *path, pid_t *ret) { } int import_fork_tar_c(const char *path, pid_t *ret) { - _cleanup_close_pair_ int pipefd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pipefd[2] = PIPE_EBADF; bool use_selinux; pid_t pid; int r; @@ -130,7 +130,7 @@ int import_fork_tar_c(const char *path, pid_t *ret) { pipefd[0] = safe_close(pipefd[0]); - r = rearrange_stdio(-1, TAKE_FD(pipefd[1]), STDERR_FILENO); + r = rearrange_stdio(-EBADF, TAKE_FD(pipefd[1]), STDERR_FILENO); if (r < 0) { log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); diff --git a/src/import/importd.c b/src/import/importd.c index b6d90cde103..65647a66a63 100644 --- a/src/import/importd.c +++ b/src/import/importd.c @@ -356,7 +356,7 @@ static int transfer_on_log(sd_event_source *s, int fd, uint32_t revents, void *u } static int transfer_start(Transfer *t) { - _cleanup_close_pair_ int pipefd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pipefd[2] = PIPE_EBADF; int r; assert(t); diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 1c7194fd6b1..6980f12a796 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -381,7 +381,7 @@ static int verify_gpg( const void *payload, size_t payload_size, const void *signature, size_t signature_size) { - _cleanup_close_pair_ int gpg_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int gpg_pipe[2] = PIPE_EBADF; char sig_file_path[] = "/tmp/sigXXXXXX", gpg_home[] = "/tmp/gpghomeXXXXXX"; _cleanup_(sigkill_waitp) pid_t pid = 0; bool gpg_home_created = false; @@ -395,7 +395,7 @@ static int verify_gpg( return log_error_errno(errno, "Failed to create pipe for gpg: %m"); if (signature_size > 0) { - _cleanup_close_ int sig_file = -1; + _cleanup_close_ int sig_file = -EBADF; sig_file = mkostemp(sig_file_path, O_RDWR); if (sig_file < 0) @@ -440,7 +440,7 @@ static int verify_gpg( gpg_pipe[1] = safe_close(gpg_pipe[1]); - r = rearrange_stdio(TAKE_FD(gpg_pipe[0]), -1, STDERR_FILENO); + r = rearrange_stdio(TAKE_FD(gpg_pipe[0]), -EBADF, STDERR_FILENO); if (r < 0) { log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); diff --git a/src/initctl/initctl.c b/src/initctl/initctl.c index 74842000659..0882570a660 100644 --- a/src/initctl/initctl.c +++ b/src/initctl/initctl.c @@ -311,7 +311,7 @@ static int process_event(Server *s, struct epoll_event *ev) { } static int run(int argc, char *argv[]) { - _cleanup_(server_done) Server server = { .epoll_fd = -1 }; + _cleanup_(server_done) Server server = { .epoll_fd = -EBADF }; _unused_ _cleanup_(notify_on_cleanup) const char *notify_stop = NULL; int r, n; diff --git a/src/journal/fuzz-journald-stream.c b/src/journal/fuzz-journald-stream.c index cece8c440e8..ed52f950d2e 100644 --- a/src/journal/fuzz-journald-stream.c +++ b/src/journal/fuzz-journald-stream.c @@ -9,7 +9,7 @@ #include "fuzz-journald.h" #include "journald-stream.h" -static int stream_fds[2] = { -EBADF, -EBADF }; +static int stream_fds[2] = PIPE_EBADF; int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { Server s; diff --git a/src/libsystemd-network/arp-util.c b/src/libsystemd-network/arp-util.c index eec794a653b..ad61614f12f 100644 --- a/src/libsystemd-network/arp-util.c +++ b/src/libsystemd-network/arp-util.c @@ -73,7 +73,7 @@ int arp_network_bind_raw_socket(int ifindex, const struct in_addr *a, const stru .ll.sll_halen = ETH_ALEN, .ll.sll_addr = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(ifindex > 0); diff --git a/src/libsystemd-network/dhcp-network.c b/src/libsystemd-network/dhcp-network.c index 0ee977a8c82..4e4b1ccb751 100644 --- a/src/libsystemd-network/dhcp-network.c +++ b/src/libsystemd-network/dhcp-network.c @@ -98,7 +98,7 @@ static int _bind_raw_socket( .len = ELEMENTSOF(filter), .filter = filter }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; s = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0); @@ -178,7 +178,7 @@ int dhcp_network_bind_udp_socket(int ifindex, be32_t address, uint16_t port, int .in.sin_port = htobe16(port), .in.sin_addr.s_addr = address, }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; s = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0); diff --git a/src/libsystemd-network/dhcp6-network.c b/src/libsystemd-network/dhcp6-network.c index eedd92d3c24..a3e4e19e8e1 100644 --- a/src/libsystemd-network/dhcp6-network.c +++ b/src/libsystemd-network/dhcp6-network.c @@ -23,7 +23,7 @@ int dhcp6_network_bind_udp_socket(int ifindex, struct in6_addr *local_address) { .in6.sin6_port = htobe16(DHCP6_PORT_CLIENT), .in6.sin6_scope_id = ifindex, }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(ifindex > 0); diff --git a/src/libsystemd-network/fuzz-dhcp6-client.c b/src/libsystemd-network/fuzz-dhcp6-client.c index 7da285e54e3..356a9f48fd1 100644 --- a/src/libsystemd-network/fuzz-dhcp6-client.c +++ b/src/libsystemd-network/fuzz-dhcp6-client.c @@ -10,7 +10,7 @@ #include "fd-util.h" #include "fuzz.h" -static int test_dhcp_fd[2] = { -EBADF, -EBADF }; +static int test_dhcp_fd[2] = PIPE_EBADF; int dhcp6_network_send_udp_socket(int s, struct in6_addr *server_address, const void *packet, size_t len) { return len; diff --git a/src/libsystemd-network/fuzz-lldp-rx.c b/src/libsystemd-network/fuzz-lldp-rx.c index 00a98bbeb0e..2d8e2018540 100644 --- a/src/libsystemd-network/fuzz-lldp-rx.c +++ b/src/libsystemd-network/fuzz-lldp-rx.c @@ -10,7 +10,7 @@ #include "fuzz.h" #include "lldp-network.h" -static int test_fd[2] = { -EBADF, -EBADF }; +static int test_fd[2] = PIPE_EBADF; int lldp_network_bind_raw_socket(int ifindex) { if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0, test_fd) < 0) diff --git a/src/libsystemd-network/fuzz-ndisc-rs.c b/src/libsystemd-network/fuzz-ndisc-rs.c index b794e2ad423..7a5c45a2f97 100644 --- a/src/libsystemd-network/fuzz-ndisc-rs.c +++ b/src/libsystemd-network/fuzz-ndisc-rs.c @@ -4,14 +4,16 @@ #include #include +#include "sd-ndisc.h" + #include "alloc-util.h" -#include "icmp6-util.h" +#include "fd-util.h" #include "fuzz.h" -#include "sd-ndisc.h" -#include "socket-util.h" +#include "icmp6-util.h" #include "ndisc-internal.h" +#include "socket-util.h" -static int test_fd[2] = { -EBADF, -EBADF }; +static int test_fd[2] = PIPE_EBADF; int icmp6_bind_router_solicitation(int index) { assert_se(socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 0, test_fd) >= 0); diff --git a/src/libsystemd-network/icmp6-util.c b/src/libsystemd-network/icmp6-util.c index b6695314878..00a59291a1c 100644 --- a/src/libsystemd-network/icmp6-util.c +++ b/src/libsystemd-network/icmp6-util.c @@ -31,7 +31,7 @@ static int icmp6_bind_router_message(const struct icmp6_filter *filter, const struct ipv6_mreq *mreq) { int ifindex = mreq->ipv6mr_interface; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(filter); diff --git a/src/libsystemd-network/test-dhcp6-client.c b/src/libsystemd-network/test-dhcp6-client.c index 7344099e77e..3e1c52a3061 100644 --- a/src/libsystemd-network/test-dhcp6-client.c +++ b/src/libsystemd-network/test-dhcp6-client.c @@ -73,7 +73,7 @@ static const uint8_t server_id[] = { SERVER_ID_BYTES }; static const struct ether_addr mac = { .ether_addr_octet = { 'A', 'B', 'C', '1', '2', '3' }, }; -static int test_fd[2] = { -EBADF, -EBADF }; +static int test_fd[2] = PIPE_EBADF; static int test_ifindex = 42; static unsigned test_client_sent_message_count = 0; static sd_dhcp6_client *client_ref = NULL; diff --git a/src/libsystemd-network/test-lldp-rx.c b/src/libsystemd-network/test-lldp-rx.c index 7ec1ab1ee90..387e1e2203a 100644 --- a/src/libsystemd-network/test-lldp-rx.c +++ b/src/libsystemd-network/test-lldp-rx.c @@ -20,7 +20,7 @@ #define TEST_LLDP_TYPE_SYSTEM_NAME "systemd-lldp" #define TEST_LLDP_TYPE_SYSTEM_DESC "systemd-lldp-desc" -static int test_fd[2] = { -EBADF, -EBADF }; +static int test_fd[2] = PIPE_EBADF; static int lldp_rx_handler_calls; int lldp_network_bind_raw_socket(int ifindex) { diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c index 4a1d4d2ef82..eddd634d8a6 100644 --- a/src/libsystemd/sd-bus/bus-container.c +++ b/src/libsystemd/sd-bus/bus-container.c @@ -12,7 +12,7 @@ #include "string-util.h" int bus_container_connect_socket(sd_bus *b) { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; _cleanup_close_ int pidnsfd = -EBADF, mntnsfd = -EBADF, usernsfd = -EBADF, rootfd = -EBADF; int r, error_buf = 0; pid_t child; diff --git a/src/libsystemd/sd-bus/test-bus-benchmark.c b/src/libsystemd/sd-bus/test-bus-benchmark.c index a402a70223a..1eb6edd3291 100644 --- a/src/libsystemd/sd-bus/test-bus-benchmark.c +++ b/src/libsystemd/sd-bus/test-bus-benchmark.c @@ -211,9 +211,9 @@ int main(int argc, char *argv[]) { MODE_CHART, } mode = MODE_BISECT; Type type = TYPE_LEGACY; - int i, pair[2] = { -EBADF, -EBADF }; + int i, pair[2] = PIPE_EBADF; _cleanup_free_ char *address = NULL, *server_name = NULL; - _cleanup_close_ int bus_ref = -1; + _cleanup_close_ int bus_ref = -EBADF; const char *unique; cpu_set_t cpuset; size_t result; diff --git a/src/libsystemd/sd-bus/test-bus-chat.c b/src/libsystemd/sd-bus/test-bus-chat.c index 382761171c6..8e66919b463 100644 --- a/src/libsystemd/sd-bus/test-bus-chat.c +++ b/src/libsystemd/sd-bus/test-bus-chat.c @@ -260,7 +260,7 @@ static void* client1(void *p) { _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; const char *hello; int r; - _cleanup_close_pair_ int pp[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pp[2] = PIPE_EBADF; char x; r = sd_bus_open_user(&bus); diff --git a/src/libsystemd/sd-daemon/sd-daemon.c b/src/libsystemd/sd-daemon/sd-daemon.c index 46125fedf11..6da351dd9bc 100644 --- a/src/libsystemd/sd-daemon/sd-daemon.c +++ b/src/libsystemd/sd-daemon/sd-daemon.c @@ -549,7 +549,7 @@ finish: } _public_ int sd_notify_barrier(int unset_environment, uint64_t timeout) { - _cleanup_close_pair_ int pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pipe_fd[2] = PIPE_EBADF; int r; if (pipe2(pipe_fd, O_CLOEXEC) < 0) diff --git a/src/libsystemd/sd-device/device-monitor.c b/src/libsystemd/sd-device/device-monitor.c index 5c8e043fc6f..049b3aa97f2 100644 --- a/src/libsystemd/sd-device/device-monitor.c +++ b/src/libsystemd/sd-device/device-monitor.c @@ -130,7 +130,7 @@ int device_monitor_get_fd(sd_device_monitor *m) { int device_monitor_new_full(sd_device_monitor **ret, MonitorNetlinkGroup group, int fd) { _cleanup_(sd_device_monitor_unrefp) sd_device_monitor *m = NULL; - _cleanup_close_ int sock = -1; + _cleanup_close_ int sock = -EBADF; int r; assert(group >= 0 && group < _MONITOR_NETLINK_GROUP_MAX); @@ -184,7 +184,7 @@ int device_monitor_new_full(sd_device_monitor **ret, MonitorNetlinkGroup group, } if (DEBUG_LOGGING) { - _cleanup_close_ int netns = -1; + _cleanup_close_ int netns = -EBADF; /* So here's the thing: only AF_NETLINK sockets from the main network namespace will get * hardware events. Let's check if ours is from there, and if not generate a debug message, diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c index b9df1c86c36..ce1104b073e 100644 --- a/src/libsystemd/sd-event/sd-event.c +++ b/src/libsystemd/sd-event/sd-event.c @@ -2072,7 +2072,7 @@ static int event_add_inotify_fd_internal( sd_event_inotify_handler_t callback, void *userdata) { - _cleanup_close_ int donated_fd = donate ? fd : -1; + _cleanup_close_ int donated_fd = donate ? fd : -EBADF; _cleanup_(source_freep) sd_event_source *s = NULL; struct inotify_data *inotify_data = NULL; struct inode_data *inode_data = NULL; diff --git a/src/libsystemd/sd-event/test-event.c b/src/libsystemd/sd-event/test-event.c index 7cc4cc9e283..591eab8896e 100644 --- a/src/libsystemd/sd-event/test-event.c +++ b/src/libsystemd/sd-event/test-event.c @@ -198,8 +198,8 @@ static void test_basic_one(bool with_pidfd) { sd_event *e = NULL; sd_event_source *w = NULL, *x = NULL, *y = NULL, *z = NULL, *q = NULL, *t = NULL; static const char ch = 'x'; - int a[2] = { -EBADF, -EBADF }, b[2] = { -EBADF, -EBADF }, - d[2] = { -EBADF, -EBADF }, k[2] = { -EBADF, -EBADF }; + int a[2] = PIPE_EBADF, b[2] = PIPE_EBADF, + d[2] = PIPE_EBADF, k[2] = PIPE_EBADF; uint64_t event_now; int64_t priority; @@ -628,7 +628,7 @@ static int ratelimit_expired(sd_event_source *s, void *userdata) { } TEST(ratelimit) { - _cleanup_close_pair_ int p[2] = {-1, -1}; + _cleanup_close_pair_ int p[2] = PIPE_EBADF; _cleanup_(sd_event_unrefp) sd_event *e = NULL; _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL; uint64_t interval; diff --git a/src/libsystemd/sd-login/test-login.c b/src/libsystemd/sd-login/test-login.c index 2b2d1c4b640..96a8c567fc7 100644 --- a/src/libsystemd/sd-login/test-login.c +++ b/src/libsystemd/sd-login/test-login.c @@ -37,7 +37,7 @@ static const char *e(int r) { } TEST(login) { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; _cleanup_free_ char *pp = NULL, *qq = NULL, *display_session = NULL, *cgroup = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, diff --git a/src/machine/image-dbus.c b/src/machine/image-dbus.c index f8c09a8b7cf..bf65eecfdd4 100644 --- a/src/machine/image-dbus.c +++ b/src/machine/image-dbus.c @@ -31,7 +31,7 @@ int bus_image_method_remove( void *userdata, sd_bus_error *error) { - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; Image *image = ASSERT_PTR(userdata); Manager *m = image->userdata; pid_t child; @@ -145,7 +145,7 @@ int bus_image_method_clone( void *userdata, sd_bus_error *error) { - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; Image *image = ASSERT_PTR(userdata); Manager *m = ASSERT_PTR(image->userdata); const char *new_name; diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c index 1867893004d..7a45811614c 100644 --- a/src/machine/machine-dbus.c +++ b/src/machine/machine-dbus.c @@ -223,7 +223,7 @@ int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd } case MACHINE_CONTAINER: { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; _cleanup_free_ char *us = NULL, *them = NULL; _cleanup_close_ int netns_fd = -EBADF; const char *p; @@ -371,7 +371,7 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s case MACHINE_CONTAINER: { _cleanup_close_ int mntns_fd = -EBADF, root_fd = -EBADF, pidns_fd = -EBADF; - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; _cleanup_fclose_ FILE *f = NULL; pid_t child; @@ -436,7 +436,7 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s int bus_machine_method_open_pty(sd_bus_message *message, void *userdata, sd_bus_error *error) { _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; _cleanup_free_ char *pty_name = NULL; - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; Machine *m = ASSERT_PTR(userdata); int r; @@ -525,7 +525,7 @@ int bus_machine_method_open_login(sd_bus_message *message, void *userdata, sd_bu _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; _cleanup_free_ char *pty_name = NULL; _cleanup_(sd_bus_flush_close_unrefp) sd_bus *allocated_bus = NULL; - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; sd_bus *container_bus = NULL; Machine *m = ASSERT_PTR(userdata); const char *p, *getty; @@ -588,7 +588,7 @@ int bus_machine_method_open_shell(sd_bus_message *message, void *userdata, sd_bu _cleanup_free_ char *pty_name = NULL; _cleanup_(sd_bus_flush_close_unrefp) sd_bus *allocated_bus = NULL; sd_bus *container_bus = NULL; - _cleanup_close_ int master = -1, slave = -1; + _cleanup_close_ int master = -EBADF, slave = -EBADF; _cleanup_strv_free_ char **env = NULL, **args_wire = NULL, **args = NULL; Machine *m = ASSERT_PTR(userdata); const char *p, *unit, *user, *path, *description, *utmp_id; @@ -888,7 +888,7 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu int bus_machine_method_copy(sd_bus_message *message, void *userdata, sd_bus_error *error) { _cleanup_free_ char *host_basename = NULL, *container_basename = NULL; const char *src, *dest, *host_path, *container_path; - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; CopyFlags copy_flags = COPY_REFLINK|COPY_MERGE|COPY_HARDLINKS; _cleanup_close_ int hostfd = -EBADF; Machine *m = ASSERT_PTR(userdata); @@ -1085,7 +1085,7 @@ int bus_machine_method_open_root_directory(sd_bus_message *message, void *userda case MACHINE_CONTAINER: { _cleanup_close_ int mntns_fd = -EBADF, root_fd = -EBADF; - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; pid_t child; r = namespace_open(m->leader, NULL, &mntns_fd, NULL, NULL, &root_fd); diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c index ed286278269..0c157a981af 100644 --- a/src/machine/machined-dbus.c +++ b/src/machine/machined-dbus.c @@ -683,7 +683,7 @@ static int method_clean_pool(sd_bus_message *message, void *userdata, sd_bus_err REMOVE_HIDDEN, } mode; - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; _cleanup_close_ int result_fd = -EBADF; Manager *m = userdata; Operation *operation; diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c index a91ab9f25ec..e396d664412 100644 --- a/src/nspawn/nspawn-setuid.c +++ b/src/nspawn/nspawn-setuid.c @@ -39,7 +39,7 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { pipe_fds[0] = safe_close(pipe_fds[0]); - if (rearrange_stdio(-1, TAKE_FD(pipe_fds[1]), -1) < 0) + if (rearrange_stdio(-EBADF, TAKE_FD(pipe_fds[1]), -EBADF) < 0) _exit(EXIT_FAILURE); (void) close_all_fds(NULL, 0); diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index de3e95145b6..067efbe3f06 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -2376,7 +2376,7 @@ static int setup_pts(const char *dest) { } static int setup_stdio_as_dev_console(void) { - _cleanup_close_ int terminal = -1; + _cleanup_close_ int terminal = -EBADF; int r; /* We open the TTY in O_NOCTTY mode, so that we do not become controller yet. We'll do that later @@ -3348,7 +3348,7 @@ static int inner_child( } if (arg_console_mode != CONSOLE_PIPE) { - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; _cleanup_free_ char *console = NULL; /* Allocate a pty and make it available as /dev/console. */ @@ -4742,12 +4742,12 @@ static int run_container( }; _cleanup_(release_lock_file) LockFile uid_shift_lock = LOCK_FILE_INIT; - _cleanup_close_ int etc_passwd_lock = -1; + _cleanup_close_ int etc_passwd_lock = -EBADF; _cleanup_close_pair_ int - fd_inner_socket_pair[2] = { -EBADF, -EBADF }, - fd_outer_socket_pair[2] = { -EBADF, -EBADF }; + fd_inner_socket_pair[2] = PIPE_EBADF, + fd_outer_socket_pair[2] = PIPE_EBADF; - _cleanup_close_ int notify_socket = -1, mntns_fd = -EBADF, fd_kmsg_fifo = -EBADF; + _cleanup_close_ int notify_socket = -EBADF, mntns_fd = -EBADF, fd_kmsg_fifo = -EBADF; _cleanup_(barrier_destroy) Barrier barrier = BARRIER_NULL; _cleanup_(sd_event_source_unrefp) sd_event_source *notify_event_source = NULL; _cleanup_(sd_event_unrefp) sd_event *event = NULL; @@ -5413,7 +5413,7 @@ static int cant_be_in_netns(void) { static int run(int argc, char *argv[]) { bool secondary = false, remove_directory = false, remove_image = false, veth_created = false, remove_tmprootdir = false; - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; _cleanup_fdset_free_ FDSet *fds = NULL; int r, n_fd_passed, ret = EXIT_SUCCESS; char veth_name[IFNAMSIZ] = ""; diff --git a/src/portable/portable.c b/src/portable/portable.c index 28d9ccd302d..7be1afbcc4b 100644 --- a/src/portable/portable.c +++ b/src/portable/portable.c @@ -355,7 +355,7 @@ static int portable_extract_by_path( else { _cleanup_(dissected_image_unrefp) DissectedImage *m = NULL; _cleanup_(rmdir_and_freep) char *tmpdir = NULL; - _cleanup_(close_pairp) int seq[2] = { -EBADF, -EBADF }; + _cleanup_(close_pairp) int seq[2] = PIPE_EBADF; _cleanup_(sigkill_waitp) pid_t child = 0; /* We now have a loopback block device, let's fork off a child in its own mount namespace, mount it diff --git a/src/portable/portabled-image-bus.c b/src/portable/portabled-image-bus.c index f0eb71b7103..07d10b05bf1 100644 --- a/src/portable/portabled-image-bus.c +++ b/src/portable/portabled-image-bus.c @@ -486,7 +486,7 @@ int bus_image_common_remove( Image *image, sd_bus_error *error) { - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; _cleanup_(sigkill_waitp) pid_t child = 0; PortableState state; int r; diff --git a/src/resolve/resolved-dns-search-domain.c b/src/resolve/resolved-dns-search-domain.c index bcbb2754d78..647c0bd1f96 100644 --- a/src/resolve/resolved-dns-search-domain.c +++ b/src/resolve/resolved-dns-search-domain.c @@ -52,7 +52,7 @@ int dns_search_domain_new( l->n_search_domains++; break; - case DNS_SERVER_SYSTEM: + case DNS_SEARCH_DOMAIN_SYSTEM: LIST_APPEND(domains, m->search_domains, d); m->n_search_domains++; break; diff --git a/src/resolve/resolved-llmnr.c b/src/resolve/resolved-llmnr.c index 897674ba514..4ab455eb2fe 100644 --- a/src/resolve/resolved-llmnr.c +++ b/src/resolve/resolved-llmnr.c @@ -141,7 +141,7 @@ int manager_llmnr_ipv4_udp_fd(Manager *m) { .in.sin_family = AF_INET, .in.sin_port = htobe16(LLMNR_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); @@ -211,7 +211,7 @@ int manager_llmnr_ipv6_udp_fd(Manager *m) { .in6.sin6_family = AF_INET6, .in6.sin6_port = htobe16(LLMNR_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); @@ -344,7 +344,7 @@ int manager_llmnr_ipv4_tcp_fd(Manager *m) { .in.sin_family = AF_INET, .in.sin_port = htobe16(LLMNR_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); @@ -410,7 +410,7 @@ int manager_llmnr_ipv6_tcp_fd(Manager *m) { .in6.sin6_family = AF_INET6, .in6.sin6_port = htobe16(LLMNR_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); diff --git a/src/resolve/resolved-mdns.c b/src/resolve/resolved-mdns.c index 8d51017b5d5..cf6c22df3b2 100644 --- a/src/resolve/resolved-mdns.c +++ b/src/resolve/resolved-mdns.c @@ -466,7 +466,7 @@ int manager_mdns_ipv4_fd(Manager *m) { .in.sin_family = AF_INET, .in.sin_port = htobe16(MDNS_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); @@ -541,7 +541,7 @@ int manager_mdns_ipv6_fd(Manager *m) { .in6.sin6_family = AF_INET6, .in6.sin6_port = htobe16(MDNS_PORT), }; - _cleanup_close_ int s = -1; + _cleanup_close_ int s = -EBADF; int r; assert(m); diff --git a/src/rfkill/rfkill.c b/src/rfkill/rfkill.c index 773b25d8166..96315136286 100644 --- a/src/rfkill/rfkill.c +++ b/src/rfkill/rfkill.c @@ -267,7 +267,7 @@ static void context_save_and_clear(Context *c) { } static int run(int argc, char *argv[]) { - _cleanup_(context_save_and_clear) Context c = { .rfkill_fd = -1 }; + _cleanup_(context_save_and_clear) Context c = { .rfkill_fd = -EBADF }; bool ready = false; int r, n; diff --git a/src/run/run.c b/src/run/run.c index 5f7d651b905..471d15924a0 100644 --- a/src/run/run.c +++ b/src/run/run.c @@ -1107,7 +1107,7 @@ static int start_transient_service( _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL; _cleanup_free_ char *service = NULL, *pty_path = NULL; - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; int r; assert(bus); diff --git a/src/shared/copy.c b/src/shared/copy.c index e103aa0f7ff..4eb4f9f765c 100644 --- a/src/shared/copy.c +++ b/src/shared/copy.c @@ -526,7 +526,7 @@ static int hardlink_context_setup( const char *to, CopyFlags copy_flags) { - _cleanup_close_ int dt_copy = -1; + _cleanup_close_ int dt_copy = -EBADF; int r; assert(c); diff --git a/src/shared/data-fd-util.c b/src/shared/data-fd-util.c index 0a4ef3fffc2..895d8e8b334 100644 --- a/src/shared/data-fd-util.c +++ b/src/shared/data-fd-util.c @@ -26,7 +26,7 @@ #define DATA_FD_TMP_LIMIT (1024U*1024U) int acquire_data_fd(const void *data, size_t size, unsigned flags) { - _cleanup_close_pair_ int pipefds[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pipefds[2] = PIPE_EBADF; char pattern[] = "/dev/shm/data-fd-XXXXXX"; _cleanup_close_ int fd = -EBADF; int isz = 0, r; @@ -218,7 +218,7 @@ int copy_data_fd(int fd) { /* Hmm, pity, this didn't fit. Let's fall back to /tmp then, see below */ } else { - _cleanup_(close_pairp) int pipefds[2] = { -EBADF, -EBADF }; + _cleanup_(close_pairp) int pipefds[2] = PIPE_EBADF; int isz; /* If memfds aren't available, use a pipe. Set O_NONBLOCK so that we will get EAGAIN rather diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index e2905b646dc..100b8cc8f14 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -74,6 +74,38 @@ /* how many times to wait for the device nodes to appear */ #define N_DEVICE_NODE_LIST_ATTEMPTS 10 +int dissect_fstype_ok(const char *fstype) { + const char *e; + bool b; + + /* When we automatically mount file systems, be a bit conservative by default what we are willing to + * mount, just as an extra safety net to not mount with badly maintained legacy file system + * drivers. */ + + e = secure_getenv("SYSTEMD_DISSECT_FILE_SYSTEMS"); + if (e) { + _cleanup_strv_free_ char **l = NULL; + + l = strv_split(e, ":"); + if (!l) + return -ENOMEM; + + b = strv_contains(l, fstype); + } else + b = STR_IN_SET(fstype, + "btrfs", + "erofs", + "ext4", + "squashfs", + "vfat", + "xfs"); + if (b) + return true; + + log_debug("File system type '%s' is not allowed to be mounted as result of automatic dissection.", fstype); + return false; +} + int probe_filesystem_full( int fd, const char *path, @@ -1339,6 +1371,11 @@ static int mount_partition( if (!fstype) return -EAFNOSUPPORT; + r = dissect_fstype_ok(fstype); + if (r < 0) + return r; + if (!r) + return -EIDRM; /* Recognizable error */ /* We are looking at an encrypted partition? This either means stacked encryption, or the caller * didn't call dissected_image_decrypt() beforehand. Let's return a recognizable error for this @@ -1488,6 +1525,7 @@ int dissected_image_mount( * -EUCLEAN → fsck for file system failed * -EBUSY → File system already mounted/used elsewhere (kernel) * -EAFNOSUPPORT → File system type not supported or not known + * -EIDRM → File system is not among allowlisted "common" file systems */ if (!(m->partitions[PARTITION_ROOT].found || @@ -1625,6 +1663,8 @@ int dissected_image_mount_and_warn( return log_error_errno(r, "File system already mounted elsewhere."); if (r == -EAFNOSUPPORT) return log_error_errno(r, "File system type not supported or not known."); + if (r == -EIDRM) + return log_error_errno(r, "File system is too uncommon, refused."); if (r < 0) return log_error_errno(r, "Failed to mount image: %m"); @@ -2696,7 +2736,7 @@ int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_ }; _cleanup_strv_free_ char **machine_info = NULL, **os_release = NULL, **initrd_release = NULL, **extension_release = NULL; - _cleanup_close_pair_ int error_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int error_pipe[2] = PIPE_EBADF; _cleanup_(rmdir_and_freep) char *t = NULL; _cleanup_(sigkill_waitp) pid_t child = 0; sd_id128_t machine_id = SD_ID128_NULL; diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h index 37a41e050a9..b65193f8872 100644 --- a/src/shared/dissect-image.h +++ b/src/shared/dissect-image.h @@ -183,3 +183,5 @@ bool dissected_image_verity_sig_ready(const DissectedImage *image, PartitionDesi int mount_image_privately_interactively(const char *path, DissectImageFlags flags, char **ret_directory, LoopDevice **ret_loop_device); int verity_dissect_and_mount(int src_fd, const char *src, const char *dest, const MountOptions *options, const char *required_host_os_release_id, const char *required_host_os_release_version_id, const char *required_host_os_release_sysext_level, const char *required_sysext_scope); + +int dissect_fstype_ok(const char *fstype); diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c index bbe59f7af6b..8da16f528fe 100644 --- a/src/shared/elf-util.c +++ b/src/shared/elf-util.c @@ -744,9 +744,9 @@ static int parse_elf(int fd, const char *executable, char **ret, JsonVariant **r } int parse_elf_object(int fd, const char *executable, bool fork_disable_dump, char **ret, JsonVariant **ret_package_metadata) { - _cleanup_close_pair_ int error_pipe[2] = { -EBADF, -EBADF }, - return_pipe[2] = { -EBADF, -EBADF }, - json_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int error_pipe[2] = PIPE_EBADF, + return_pipe[2] = PIPE_EBADF, + json_pipe[2] = PIPE_EBADF; _cleanup_(json_variant_unrefp) JsonVariant *package_metadata = NULL; _cleanup_free_ char *buf = NULL; int r; diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c index 1be22a62c6e..5c9dd61898a 100644 --- a/src/shared/logs-show.c +++ b/src/shared/logs-show.c @@ -1624,7 +1624,7 @@ int add_matches_for_user_unit(sd_journal *j, const char *unit, uid_t uid) { } static int get_boot_id_for_machine(const char *machine, sd_id128_t *boot_id) { - _cleanup_close_pair_ int pair[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int pair[2] = PIPE_EBADF; _cleanup_close_ int pidnsfd = -EBADF, mntnsfd = -EBADF, rootfd = -EBADF; char buf[SD_ID128_UUID_STRING_MAX]; pid_t pid, child; diff --git a/src/shared/loop-util.c b/src/shared/loop-util.c index eb1a5bb59fd..3224286186c 100644 --- a/src/shared/loop-util.c +++ b/src/shared/loop-util.c @@ -683,7 +683,7 @@ int loop_device_make_by_path_memory( } static LoopDevice* loop_device_free(LoopDevice *d) { - _cleanup_close_ int control = -1; + _cleanup_close_ int control = -EBADF; int r; if (!d) diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c index 80cf87526ee..603eb7b780f 100644 --- a/src/shared/mount-util.c +++ b/src/shared/mount-util.c @@ -806,7 +806,7 @@ static int mount_in_namespace( const MountOptions *options, bool is_image) { - _cleanup_close_pair_ int errno_pipe_fd[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int errno_pipe_fd[2] = PIPE_EBADF; _cleanup_close_ int mntns_fd = -EBADF, root_fd = -EBADF, pidns_fd = -EBADF, chased_src_fd = -EBADF; char mount_slave[] = "/tmp/propagate.XXXXXX", *mount_tmp, *mount_outside, *p; bool mount_slave_created = false, mount_slave_mounted = false, diff --git a/src/shared/pager.c b/src/shared/pager.c index 831cc1dce04..6ed35a3ca99 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -83,7 +83,7 @@ static int no_quit_on_interrupt(int exe_name_fd, const char *less_opts) { } void pager_open(PagerFlags flags) { - _cleanup_close_pair_ int fd[2] = { -EBADF, -EBADF }, exe_name_pipe[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int fd[2] = PIPE_EBADF, exe_name_pipe[2] = PIPE_EBADF; _cleanup_strv_free_ char **pager_args = NULL; _cleanup_free_ char *l = NULL; const char *pager, *less_opts; diff --git a/src/socket-proxy/socket-proxyd.c b/src/socket-proxy/socket-proxyd.c index d73bdbdc1ea..821049e6675 100644 --- a/src/socket-proxy/socket-proxyd.c +++ b/src/socket-proxy/socket-proxyd.c @@ -487,8 +487,8 @@ static int add_connection_socket(Context *context, int fd) { .context = context, .server_fd = fd, .client_fd = -EBADF, - .server_to_client_buffer = { -EBADF, -EBADF }, - .client_to_server_buffer = { -EBADF, -EBADF }, + .server_to_client_buffer = PIPE_EBADF, + .client_to_server_buffer = PIPE_EBADF, }; r = set_ensure_put(&context->connections, NULL, c); diff --git a/src/systemctl/systemctl-edit.c b/src/systemctl/systemctl-edit.c index 3d519ccb8d3..133bce66314 100644 --- a/src/systemctl/systemctl-edit.c +++ b/src/systemctl/systemctl-edit.c @@ -426,12 +426,32 @@ static int find_paths_to_edit( _cleanup_(hashmap_freep) Hashmap *cached_name_map = NULL, *cached_id_map = NULL; _cleanup_(edit_file_free_all) EditFile *edit_files = NULL; _cleanup_(lookup_paths_free) LookupPaths lp = {}; + _cleanup_free_ char *drop_in_alloc = NULL, *suffix = NULL; + const char *drop_in; size_t n_edit_files = 0; int r; assert(names); assert(ret_edit_files); + if (isempty(arg_drop_in)) + drop_in = "override.conf"; + else if (!endswith(arg_drop_in, ".conf")) { + drop_in_alloc = strjoin(arg_drop_in, ".conf"); + if (!drop_in_alloc) + return log_oom(); + + drop_in = drop_in_alloc; + } else + drop_in = arg_drop_in; + + if (!filename_is_valid(drop_in)) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid drop-in file name '%s'.", drop_in); + + suffix = strjoin(".d/", drop_in); + if (!suffix) + return log_oom(); + r = lookup_paths_init(&lp, arg_scope, 0, arg_root); if (r < 0) return r; @@ -468,7 +488,7 @@ static int find_paths_to_edit( r = unit_file_create_new( &lp, *name, - arg_full ? NULL : ".d/override.conf", + arg_full ? NULL : suffix, NULL, edit_files + n_edit_files); } else { @@ -508,7 +528,7 @@ static int find_paths_to_edit( r = unit_file_create_new( &lp, unit_name, - ".d/override.conf", + suffix, unit_paths, edit_files + n_edit_files); } diff --git a/src/systemctl/systemctl-start-unit.c b/src/systemctl/systemctl-start-unit.c index 42a5b086c37..224e831b99f 100644 --- a/src/systemctl/systemctl-start-unit.c +++ b/src/systemctl/systemctl-start-unit.c @@ -299,7 +299,7 @@ int verb_start(int argc, char *argv[], void *userdata) { mode = "isolate"; suffix = ".target"; } else if (!arg_marked) { - /* A command in style of "systemctl start …", "sysemctl stop …" and so on */ + /* A command in style of "systemctl start …", "systemctl stop …" and so on */ method = verb_to_method(argv[0]); job_type = verb_to_job_type(argv[0]); mode = arg_job_mode(); diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c index d13c7867e22..ae9b95620e5 100644 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@ -118,6 +118,7 @@ TimestampStyle arg_timestamp_style = TIMESTAMP_PRETTY; bool arg_read_only = false; bool arg_mkdir = false; bool arg_marked = false; +const char *arg_drop_in = NULL; STATIC_DESTRUCTOR_REGISTER(arg_types, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_states, strv_freep); @@ -131,6 +132,7 @@ STATIC_DESTRUCTOR_REGISTER(arg_reboot_argument, unsetp); STATIC_DESTRUCTOR_REGISTER(arg_host, unsetp); STATIC_DESTRUCTOR_REGISTER(arg_boot_loader_entry, unsetp); STATIC_DESTRUCTOR_REGISTER(arg_clean_what, strv_freep); +STATIC_DESTRUCTOR_REGISTER(arg_drop_in, unsetp); static int systemctl_help(void) { _cleanup_free_ char *link = NULL; @@ -316,6 +318,7 @@ static int systemctl_help(void) { " --read-only Create read-only bind mount\n" " --mkdir Create directory before mounting, if missing\n" " --marked Restart/reload previously marked units\n" + " --drop-in=NAME Edit unit files using the specified drop-in file name\n" "\nSee the %2$s for details.\n", program_invocation_short_name, link, @@ -438,6 +441,7 @@ static int systemctl_parse_argv(int argc, char *argv[]) { ARG_MKDIR, ARG_MARKED, ARG_NO_WARN, + ARG_DROP_IN, }; static const struct option options[] = { @@ -500,6 +504,7 @@ static int systemctl_parse_argv(int argc, char *argv[]) { { "read-only", no_argument, NULL, ARG_READ_ONLY }, { "mkdir", no_argument, NULL, ARG_MKDIR }, { "marked", no_argument, NULL, ARG_MARKED }, + { "drop-in", required_argument, NULL, ARG_DROP_IN }, {} }; @@ -936,6 +941,10 @@ static int systemctl_parse_argv(int argc, char *argv[]) { arg_no_warn = true; break; + case ARG_DROP_IN: + arg_drop_in = optarg; + break; + case '.': /* Output an error mimicking getopt, and print a hint afterwards */ log_error("%s: invalid option -- '.'", program_invocation_name); diff --git a/src/systemctl/systemctl.h b/src/systemctl/systemctl.h index 1a7a6e28d39..9f9b8faa696 100644 --- a/src/systemctl/systemctl.h +++ b/src/systemctl/systemctl.h @@ -97,6 +97,7 @@ extern TimestampStyle arg_timestamp_style; extern bool arg_read_only; extern bool arg_mkdir; extern bool arg_marked; +extern const char *arg_drop_in; static inline const char* arg_job_mode(void) { return _arg_job_mode ?: "replace"; diff --git a/src/sysupdate/sysupdate-resource.c b/src/sysupdate/sysupdate-resource.c index 759c81a4f0b..04d425299d2 100644 --- a/src/sysupdate/sysupdate-resource.c +++ b/src/sysupdate/sysupdate-resource.c @@ -242,7 +242,7 @@ static int download_manifest( size_t *ret_size) { _cleanup_free_ char *buffer = NULL, *suffixed_url = NULL; - _cleanup_(close_pairp) int pfd[2] = { -EBADF, -EBADF }; + _cleanup_(close_pairp) int pfd[2] = PIPE_EBADF; _cleanup_fclose_ FILE *manifest = NULL; size_t size = 0; pid_t pid; @@ -282,7 +282,7 @@ static int download_manifest( pfd[0] = safe_close(pfd[0]); - r = rearrange_stdio(-1, pfd[1], STDERR_FILENO); + r = rearrange_stdio(-EBADF, pfd[1], STDERR_FILENO); if (r < 0) { log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index b68a7d6d5ac..6e197b964db 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -251,7 +251,7 @@ static int load_group_database(void) { static int make_backup(const char *target, const char *x) { _cleanup_(unlink_and_freep) char *dst_tmp = NULL; _cleanup_fclose_ FILE *dst = NULL; - _cleanup_close_ int src = -1; + _cleanup_close_ int src = -EBADF; const char *backup; struct stat st; int r; @@ -2093,7 +2093,7 @@ static int run(int argc, char *argv[]) { _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL; _cleanup_(umount_and_rmdir_and_freep) char *unlink_dir = NULL; #endif - _cleanup_close_ int lock = -1; + _cleanup_close_ int lock = -EBADF; Item *i; int r; diff --git a/src/test/test-compress.c b/src/test/test-compress.c index 339482a4382..f5ec47cb3c8 100644 --- a/src/test/test-compress.c +++ b/src/test/test-compress.c @@ -170,7 +170,7 @@ _unused_ static void test_compress_stream(int flag, decompress_stream_t decompress, const char *srcfile) { - _cleanup_close_ int src = -1, dst = -1, dst2 = -1; + _cleanup_close_ int src = -EBADF, dst = -EBADF, dst2 = -EBADF; _cleanup_(unlink_tempfilep) char pattern[] = "/tmp/systemd-test.compressed.XXXXXX", pattern2[] = "/tmp/systemd-test.compressed.XXXXXX"; diff --git a/src/test/test-copy.c b/src/test/test-copy.c index 2568b9b384e..5a4af174fe1 100644 --- a/src/test/test-copy.c +++ b/src/test/test-copy.c @@ -78,7 +78,7 @@ TEST(copy_tree_replace_file) { TEST(copy_tree_replace_dirs) { _cleanup_(rm_rf_physical_and_freep) char *srcp = NULL, *dstp = NULL; - _cleanup_close_ int src = -1, dst = -1; + _cleanup_close_ int src = -EBADF, dst = -EBADF; /* Create the random source/destination directories */ assert_se((src = mkdtemp_open(NULL, 0, &srcp)) >= 0); @@ -257,7 +257,7 @@ TEST(copy_tree) { } TEST(copy_bytes) { - _cleanup_close_pair_ int pipefd[2] = {-1, -1}; + _cleanup_close_pair_ int pipefd[2] = PIPE_EBADF; _cleanup_close_ int infd = -EBADF; int r, r2; char buf[1024], buf2[1024]; diff --git a/src/test/test-data-fd-util.c b/src/test/test-data-fd-util.c index d69648842e0..c0febec2080 100644 --- a/src/test/test-data-fd-util.c +++ b/src/test/test-data-fd-util.c @@ -81,7 +81,7 @@ static void assert_equal_fd(int fd1, int fd2) { TEST(copy_data_fd) { _cleanup_close_ int fd1 = -EBADF, fd2 = -EBADF; - _cleanup_(close_pairp) int sfd[2] = { -EBADF, -EBADF }; + _cleanup_(close_pairp) int sfd[2] = PIPE_EBADF; _cleanup_(sigkill_waitp) pid_t pid = -1; int r; diff --git a/src/test/test-execute.c b/src/test/test-execute.c index 51c3e755e04..7fe78207e01 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -559,7 +559,7 @@ static int find_libraries(const char *exec, char ***ret) { _cleanup_(sd_event_source_unrefp) sd_event_source *sigchld_source = NULL; _cleanup_(sd_event_source_unrefp) sd_event_source *stdout_source = NULL; _cleanup_(sd_event_source_unrefp) sd_event_source *stderr_source = NULL; - _cleanup_close_pair_ int outpipe[2] = {-1, -1}, errpipe[2] = {-1, -1}; + _cleanup_close_pair_ int outpipe[2] = PIPE_EBADF, errpipe[2] = PIPE_EBADF; _cleanup_strv_free_ char **libraries = NULL; _cleanup_free_ char *result = NULL; pid_t pid; @@ -576,7 +576,7 @@ static int find_libraries(const char *exec, char ***ret) { r = safe_fork("(spawn-ldd)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid); assert_se(r >= 0); if (r == 0) { - if (rearrange_stdio(-1, TAKE_FD(outpipe[1]), TAKE_FD(errpipe[1])) < 0) + if (rearrange_stdio(-EBADF, TAKE_FD(outpipe[1]), TAKE_FD(errpipe[1])) < 0) _exit(EXIT_FAILURE); (void) close_all_fds(NULL, 0); diff --git a/src/test/test-fd-util.c b/src/test/test-fd-util.c index f08d0f0dd47..1ca9ef8bbd7 100644 --- a/src/test/test-fd-util.c +++ b/src/test/test-fd-util.c @@ -133,7 +133,7 @@ TEST(rearrange_stdio) { safe_close(STDERR_FILENO); /* Let's close an fd < 2, to make it more interesting */ - assert_se(rearrange_stdio(-1, -1, -1) >= 0); + assert_se(rearrange_stdio(-EBADF, -EBADF, -EBADF) >= 0); assert_se(fd_get_path(STDIN_FILENO, &path) >= 0); assert_se(path_equal(path, "/dev/null")); @@ -170,7 +170,7 @@ TEST(rearrange_stdio) { assert_se(read(0, buffer, sizeof(buffer)) == 6); assert_se(memcmp(buffer, "foobar", 6) == 0); - assert_se(rearrange_stdio(-1, 1, 2) >= 0); + assert_se(rearrange_stdio(-EBADF, 1, 2) >= 0); assert_se(write(1, "a", 1) < 0 && errno == ENOSPC); assert_se(write(2, "y", 1) == 1); assert_se(read(3, buffer, sizeof(buffer)) == 1); @@ -532,7 +532,7 @@ TEST(fd_reopen_condition) { TEST(take_fd) { _cleanup_close_ int fd1 = -EBADF, fd2 = -EBADF; - int array[2] = { -EBADF, -EBADF }, i = 0; + int array[2] = PIPE_EBADF, i = 0; assert_se(fd1 == -EBADF); assert_se(fd2 == -EBADF); diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c index 2009c0f972b..9d9c7198756 100644 --- a/src/test/test-fileio.c +++ b/src/test/test-fileio.c @@ -877,7 +877,7 @@ TEST(read_nul_string) { TEST(read_full_file_socket) { _cleanup_(rm_rf_physical_and_freep) char *z = NULL; - _cleanup_close_ int listener = -1; + _cleanup_close_ int listener = -EBADF; _cleanup_free_ char *data = NULL, *clientname = NULL; union sockaddr_union sa; const char *j, *jj; diff --git a/src/test/test-namespace.c b/src/test/test-namespace.c index be09f71e752..72155127c1e 100644 --- a/src/test/test-namespace.c +++ b/src/test/test-namespace.c @@ -83,7 +83,7 @@ TEST(tmpdir) { } static void test_shareable_ns(unsigned long nsflag) { - _cleanup_close_pair_ int s[2] = { -EBADF, -EBADF }; + _cleanup_close_pair_ int s[2] = PIPE_EBADF; pid_t pid1, pid2, pid3; int r, n = 0; siginfo_t si; diff --git a/src/test/test-terminal-util.c b/src/test/test-terminal-util.c index 8d0e4520382..8d5b24e5025 100644 --- a/src/test/test-terminal-util.c +++ b/src/test/test-terminal-util.c @@ -66,7 +66,7 @@ TEST(read_one_char) { TEST(getttyname_malloc) { _cleanup_free_ char *ttyname = NULL; - _cleanup_close_ int master = -1; + _cleanup_close_ int master = -EBADF; assert_se((master = posix_openpt(O_RDWR|O_NOCTTY)) >= 0); assert_se(getttyname_malloc(master, &ttyname) >= 0); diff --git a/src/test/test-varlink.c b/src/test/test-varlink.c index 58112591831..e961887fecb 100644 --- a/src/test/test-varlink.c +++ b/src/test/test-varlink.c @@ -191,7 +191,7 @@ int main(int argc, char *argv[]) { _cleanup_(rm_rf_physical_and_freep) char *tmpdir = NULL; _cleanup_(json_variant_unrefp) JsonVariant *v = NULL; _cleanup_(sd_event_unrefp) sd_event *e = NULL; - _cleanup_(close_pairp) int block_fds[2] = { -EBADF, -EBADF }; + _cleanup_(close_pairp) int block_fds[2] = PIPE_EBADF; pthread_t t; const char *sp; diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c index f70873ff6eb..b26de6ecd6b 100644 --- a/src/timesync/timesyncd-manager.c +++ b/src/timesync/timesyncd-manager.c @@ -1113,7 +1113,7 @@ int manager_new(Manager **ret) { .connection_retry_usec = DEFAULT_CONNECTION_RETRY_USEC, - .server_socket = -1, + .server_socket = -EBADF, .ratelimit = (const RateLimit) { RATELIMIT_INTERVAL_USEC, diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index 9166e1f9ecd..46d2307ad31 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -338,7 +338,7 @@ static int process_and_watch_password_files(bool watch) { }; _unused_ _cleanup_close_ int tty_block_fd = -EBADF; - _cleanup_close_ int notify = -1, signal_fd = -EBADF; + _cleanup_close_ int notify = -EBADF, signal_fd = -EBADF; struct pollfd pollfd[_FD_MAX]; sigset_t mask; int r; diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c index 625c4faad83..24180f9418f 100644 --- a/src/udev/udev-ctrl.c +++ b/src/udev/udev-ctrl.c @@ -46,7 +46,7 @@ struct UdevCtrl { }; int udev_ctrl_new_from_fd(UdevCtrl **ret, int fd) { - _cleanup_close_ int sock = -1; + _cleanup_close_ int sock = -EBADF; UdevCtrl *uctrl; assert(ret); @@ -64,7 +64,7 @@ int udev_ctrl_new_from_fd(UdevCtrl **ret, int fd) { *uctrl = (UdevCtrl) { .n_ref = 1, .sock = fd >= 0 ? fd : TAKE_FD(sock), - .sock_connect = -1, + .sock_connect = -EBADF, .bound = fd >= 0, }; @@ -217,7 +217,7 @@ static int udev_ctrl_connection_event_handler(sd_event_source *s, int fd, uint32 static int udev_ctrl_event_handler(sd_event_source *s, int fd, uint32_t revents, void *userdata) { UdevCtrl *uctrl = ASSERT_PTR(userdata); - _cleanup_close_ int sock = -1; + _cleanup_close_ int sock = -EBADF; struct ucred ucred; int r; diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c index 63be5275e4b..7a59e7c759c 100644 --- a/src/udev/udev-event.c +++ b/src/udev/udev-event.c @@ -763,7 +763,7 @@ int udev_event_spawn( size_t ressize, bool *ret_truncated) { - _cleanup_close_pair_ int outpipe[2] = {-1, -1}, errpipe[2] = {-1, -1}; + _cleanup_close_pair_ int outpipe[2] = PIPE_EBADF, errpipe[2] = PIPE_EBADF; _cleanup_strv_free_ char **argv = NULL; char **envp = NULL; Spawn spawn; @@ -815,7 +815,7 @@ int udev_event_spawn( return log_device_error_errno(event->dev, r, "Failed to fork() to execute command '%s': %m", cmd); if (r == 0) { - if (rearrange_stdio(-1, TAKE_FD(outpipe[WRITE_END]), TAKE_FD(errpipe[WRITE_END])) < 0) + if (rearrange_stdio(-EBADF, TAKE_FD(outpipe[WRITE_END]), TAKE_FD(errpipe[WRITE_END])) < 0) _exit(EXIT_FAILURE); (void) close_all_fds(NULL, 0); diff --git a/src/udev/udevd.c b/src/udev/udevd.c index 4942c852a0b..28b76bfbab2 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c @@ -1848,7 +1848,7 @@ static int manager_new(Manager **ret, int fd_ctrl, int fd_uevent) { *manager = (Manager) { .inotify_fd = -EBADF, - .worker_watch = { -EBADF, -EBADF }, + .worker_watch = PIPE_EBADF, .cgroup = TAKE_PTR(cgroup), };